lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 31 Oct 2022 00:32:08 -0700
From:   Kees Cook <>
To:     John Thomson <>
Cc:,,, kernel test robot <>
Subject: Re: [PATCH] mips: boot/compressed: use __NO_FORITFY

On Mon, Oct 31, 2022 at 04:36:47AM +1000, John Thomson wrote:
> In the mips CONFIG_SYS_SUPPORTS_ZBOOT kernel, fix the compile error
> LD      vmlinuz
> mipsel-openwrt-linux-musl-ld: arch/mips/boot/compressed/decompress.o: in
> function `decompress_kernel':
> ./include/linux/decompress/mm.h:(.text.decompress_kernel+0x177c):
> undefined reference to `warn_slowpath_fmt'
> kernel test robot helped identify this as related to fortify. The error
> appeared with commit 54d9469bc515 ("fortify: Add run-time WARN for
> cross-field memcpy()")
> Link:
> Resolve this in the same style as commit cfecea6ead5f ("lib/string:
> Move helper functions out of string.c")
> Reported-by: kernel test robot <>
> Fixes: 54d9469bc515 ("fortify: Add run-time WARN for cross-field memcpy()")
> Signed-off-by: John Thomson <>
> ---
> not sure about the fixes tag:
> compile error only occurs due to the fortify commit, but it looks like
> this change could have been part of the other commit identified in the
> message: lib/string move helper functions?

I think the Fixes tag is reasonable. Strictly speaking, it should likely
be whatever added the memcpy() in decompress.c, but that's mostly
nonsense, since nothing else had tripped yet. :)

The issue is that the memcpy() has a runtime length, so
CONFIG_FORTIFY_SOURCE was inserting the logic for a runtime warning,
which doesn't exist here. This is the correct fix (turning off FORTIFY
in the early boot loader).

Reviewed-by: Kees Cook <>

Kees Cook

Powered by blists - more mailing lists